I concur with funchords.
Do NOT ignore TCP RST. Do NOT assume TCP RST will not happen during a normal TCP session -- it CAN happen on established connections which are being torn down by the remote end for one reason or another. It is a legitimate TCP flag that can happen in the middle of a connection when an anomaly occurs on the remote end.
I'm willing to bet you reached your conclusion solely by looking at the flow diagram on Wikipedia. Sadly, that diagram does not cover all cases with TCP. Here's some more appropriate reference information which you should read in full, supporting what funchords and myself have advocated:
pages.cpsc.ucalgary.ca/~ ··· sets.pdf
That said, my opinionated response comes forth:
Stop trying to circumvent Comcast's TCP RST injection. There is nothing you can key off of to detect said injection; your only option is to use encryption, or wait for Comcast to remove the Sandvine equipment (which they had better do once the caps are put in place). I hate it as much as you do, if not more so, but there is no way I'm going to violate standard protocol to try and work around it.
Please remove the iptables rule you added.
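As an added illustration, not part of the original post, of the point that a remote end legitimately emits RST when it tears an established connection down: the server below either closes normally (FIN, the client reads end-of-stream) or closes with SO_LINGER set to zero, the standard way to request an abortive close, after which the client's next read fails with ECONNRESET. The loopback address and the helper name `observe_close` are assumptions for the demo.

```python
import socket
import struct
import threading


def observe_close(abortive: bool, host: str = "127.0.0.1") -> str:
    """Open a loopback TCP session, let the server tear it down, and report
    what the client observed: "fin" for a graceful close, "reset" when the
    server's abortive close produced a TCP RST on the established session."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    srv.bind((host, 0))          # ephemeral port; constructed demo, no real peer
    srv.listen(1)
    port = srv.getsockname()[1]

    def server() -> None:
        conn, _ = srv.accept()
        conn.recv(16)            # consume the client's data: session is established
        if abortive:
            # l_onoff=1, l_linger=0 tells the stack to abort instead of FIN:
            # the kernel sends RST to the peer on close().
            conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
                            struct.pack("ii", 1, 0))
        conn.close()
        srv.close()

    t = threading.Thread(target=server)
    t.start()
    cli = socket.create_connection((host, port), timeout=5)
    cli.sendall(b"hello")
    t.join()
    try:
        data = cli.recv(16)      # FIN surfaces as an empty read
        result = "fin" if data == b"" else "data"
    except ConnectionResetError:
        result = "reset"         # RST surfaces as ECONNRESET
    finally:
        cli.close()
    return result


if __name__ == "__main__":
    print("graceful close ->", observe_close(False))
    print("abortive close ->", observe_close(True))
```

A filter that discards every RST would leave the client in the abortive case hanging on a dead connection instead of learning promptly that the peer is gone.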